Individuals and organizations often seek to protect their computing resources from security threats and corresponding attackers. Accordingly, enterprise organizations may employ a variety of security product solutions, such as endpoint antivirus products and network firewall products. In some examples, a security vendor, acting as a managed security service provider, may effectively manage a bundle of security services for a client. More specifically, in some examples, the managed security service provider may aggregate security incident signatures from a variety of endpoint security products and software security agents, thereby providing a more comprehensive and informative overview of computing resource security and relevant security incidents.
However, frequently an organization may deploy heterogeneous security products from different vendors and/or using differing classification and reporting schemes. The resulting heterogeneous signature sources to be consumed by the managed security service provider may include redundant information that appears distinct, thereby potentially reducing the effectiveness of the managed security service and/or adding confusion, expense, uncertainty, inconsistency, and human error to the administration and configuration of the managed security service.
The instant disclosure, therefore, identifies and addresses a need for systems and methods for providing integrated security management.